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DETAILED ACTION 

1 . This action is response to communication: application filed on 10/30/2003 with 
acknowledgement of benefit date of 1 1/04/2002. 

2. Claims 1-13 are currently pending in this application. Claim 1 is an independent 
claim. 

3. No IDS was received for this application. 

Claim Rejections • 35 USC § 101 

4. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. Claims 1-13 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

As per claims 1-13, the applicants claim both a method and an apparatus. 
Claiming both a method and an apparatus is directed to neither a "process" nor a 
machine", but rather embraces or overlaps two different statutory classes of invention 
set forth in 35 U.S.C. 101 which is drafted so as to set forth the statutory classes of 
invention in the alternative only. 

Also, as per claims 1-13, the applicants recite the absence of processing means 
within the card reader. Without any processing means, a card reader would be 
rendered useless, as it cannot read a smart card. This invention would then have no 
useful result. 
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Further, as per claims 1-13, the claims do not yield a tangible result. The claim 
consists of only hardware, and an action of demodulating a signal, which does not yield 
a tangible result. 

Claim Rejections - 35 USC §112 

6. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

7. Claims 1-13 rejected under 35 U.S.C. 1 12, first paragraph, as failing to comply 
with the enablement requirement. The claim(s) contains subject matter which was not 
described in the specification in such a way as to enable one skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and/or use the invention. 

^ As per claims 1-13, the applicants recite in the independent claim that processing 
means is absent from the card reader. It is not enabled how a card reader will be able 
to read a card without processing it. 

As per claims 4-13, the method claims wherein the session key is a function of 
the 'previous one*. If this *one' was directed toward a key, it is not enabled how the 
system would work for the first time. For the first time use, there would be no previous 
key, and the system would not be able to operate. 

Also, as per claims 2-13, the claims recite a random number valid only once. As 
seen in the specification, it would seem that each time a card is used, a random number 
must be emitted by a card. It is not enabled by the specification how the smart card 
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itself may generate a random number each time it is used, as there are no details 
describing the generation of a different random number each time. 

8. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

9. Claims 1-13 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

As per claims 1-13, the claims recite both an apparatus and a method. A single 
claim which claims both an apparatus and method steps of using the apparatus is 
indefinite under 35 U.S.C 112, second paragraph. IPXL Holdings v. Amazon.com, Inc., 
430 F.2d 1377, 1384, 77 USPQ2d 1140, 1145 (Fed. Cir. 2005); Ex parte Lyell, 17 
USPQ2d 1548 (Bd. Pat. App. & Inter. 1990). See MPEP 2173.05(p). 

As per claims 1-13, the claims recite an IVR applet... , and characterized by the 
absence It is unclear what part of the invention is being characterized (an applet, 
the system, etc). 

As per claims 2-7, claim 2 recites "and valid only once." It is unclear whether the 
random number, or both the random number and the unique card number is valid only 
once. 

As per claims 3-7, the claims recite "the authentication server." There is 
insufficient antecedent basis for this term. 
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As per claims 4-7, the claims recite "is a function of the previous one." It is 
unclear what "the previous one" is, and there is insufficient antecedent basis for this 
term in the claims. 

As per claims 4-7, the claims recite the term "such as." It is unclear what the 
intended metes and bounds are of the claim, and is therefore indefinite. 

As per claims 5-7, the claims recite "said encryption code." There is insufficient 
antecedent basis for this limitation in the claim. 

As per claims 6-7, the claims recite "the authentication server database." There 
is insufficient antecedent basis for this limitation in the claims. 

As per claims 6-7, the claims recite "using a session key deduced from the 
previous one." It is unclear whether this session key refers to the same session key as 
the ones cited in the previous claims. 

As per claims 9-12, the claim recites "wherein the smart card transmits the 
modulated signal when the switch of the card reader is pressed by the user." This claim 
is contradictory to the parent claim, as it is recited that processing means are absent 
within the card reader. 

As per claims 9-12, the claims recite "the switch of the card reader." There is 
insufficient antecedent basis for this limitation in the claim. 

. As per claims 9-12, the claims recite "the user." There is insufficient antecedent 
basis for this limitation in the claim. 

As per claims 10-12, the claims recite "ISO contact C6." It is unclear what C6 is, 
and there is insufficient antecedent basis for this limitation in the claim. 



Application/Control Number: 10/696,652 Page 6 

Art Unit: 2134 

As per claims 1 1-12, the claims recite "ISO contact C2." It is unclear what C2 is, 
and how a contact is pulled down. There is also insufficient antecedent basis for the 
term "C2" in the claim. 

As per claim 12, the claims recite "the ISO contacts C4 and C8." It is unclear 
what C4 and C8 are, and there is insufficient antecedent basis for this limitation in the 
claims. 

As there are multiple 101 and 1 12 rejections in all the pending claims, the claims 
will be rejected as best understood by the Examiner in order to expedite a complete 
examination of the instant application. 

Claim Rejections - 35 USC § 103 

10. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention Is not identicaliy disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Landry et al US Patent No. 6,687,350 (hereinafter Landry), in view of Brown et al. US 
Patent Application Publication 2001/0013001 (hereinafter Brown). 

As per claim 1 , as best understood by the examiner, Landry teaches a method 
and apparatus to secure online transaction over the phone comprising: a smart card 
transmitting a identification sequence to an IRV server in the form of a modulated signal 
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(col. 10 lines 25-30; col. 5 lines 1-10; col. 6 lines 5-29); a card reader plugged into the 
telephone line (col. 5 lines 1-10; col. 2 lines 45-65), and characterized by the absence of 
processing means within the card reader (throughout the reference, as the smart card 
reader is taught to take input, and the system then processes the information). It is 
inherent that the signal is demodulated, as a modulated signal must be demodulated in 
order for the data to be useful and processed. 

However, at the time of the invention, Landry does not explicitly teach an IVR 
applet. Landry teaches the use of IVR application server in col. 5 lines 10-15, which is 
able to process information. However, applets are well known In the art, as they are just 
small programs designed to run applications. The use of applets with an IVR is taught 
throughout Brown, such as in paragraph 69. 

At the time of the invention, it would have been obvious to include applets in an 
IVR system. Applets are well known in the art, and by implement an applet in an IVR 
system, operations may be performed on servers or clients. This is taught in paragraph 
69 of Brown. 

As per claim 13, Landry teaches wherein the card reader is further integrated into 
the telephone handset (col. 2 lines 45-68). 

1 1 . Claims 2-3 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Landry and Brown as applied above, and further in view of Chang et al. US Patent No. 
6,715,082 (hereinafter Chang). 
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As per claim 2, Landry teaches a credit card number in col. 1 lines 25-29, which 
is a unique number. However, Landry and Brown do not explicitly teach the use of one 
time keys on a smart card. These are well known in the art, as can be seen in Chang 
col. 2 lines10-25. 

At the time of the invention, it would have been obvious to include random one- 
time keys to be stored on smart cards. One of ordinary skill in the art would have been 
motivated to perform such an addition to increase security. This is taught by Chang in 
col. 2 lines 11-15. 

As per claim 3, the one-time password taught by Chang in col. 2 lines 10-25 is a 
key used in a session. It is taught in Chang that this one time password/key is not 
transmitted to an authentication server, as it is only transmitted to an access server. 

12. Claims 4-7 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Landry, Brown, and Chang as applied above, and further in view of Bruce Schneier's 
Applied Cryptography, 2"" Edition (1997), (hereinafter Schneier). 

As per claims 4-7, as best understood by the Examiner, the claims recite the use 
of encryption keys, decryption, one-way functions and authentication. These are well 
known in the art, as taught throughout Schneier, such as in pages 28-42. 

At the time of the invention, it would have been obvious to combine the teachings 
of Schneier with the Landry combination. One of ordinary skill in the art would have 
been motivated to perform such an addition to be able to provide a secure system. The 
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Landry combination is already directed to secure online transactions, and Schneier 
teaches the details of this. 

13. Claims 8-12 are rejected under 35 U.S.C 103(a) as being obvious over the 
Landry combination. 

As per claim 8, the claim recites wherein the smart card is powered by the 
voltage provided by the telephone line. It is well known in the art that telephones are 
powered by the power flowing from telephone lines. At the time of the invention. It 
would have been obvious to power a smart card that is connected to a phone using the 
voltage provided to the phone, as this would reduce the amount of outside power 
sources. 

As per claim 9, the claim recites wherein the smart card transmits a signal when 
a switch is pressed. It is well known In the art to perform an action by pressing a switch. 
At the time of the invention, it would have been obvious to one of ordinary skill in the art 
to transmit a signal when a switch is pressed. One of ordinary skill in the art would have 
been motivated to perform such an addition to be able to manually control the 
transmission. 

As per claims 10-12, as best understood by the Examiner, it is inherent that 
contacts must be used to operate the system electronically. 



Conclusion 
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13. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jason K. Gee whose telephone number is (571 ) 272- 
6431. The examiner can normally be reached on M-F, 7:00 am to 4:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jacques Louis-Jacques can be reached on (571) 272-6962. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 



Jason Gee 
Patent Examiner 
Technology Center 2134 
03/28/2007 




